Windows Security Consultant- 6 Months- Inside IR35- Hybrid in Hove

Hamilton Barnes
Brighton and Hove, United Kingdom
2 days ago

Role details

Contract type
Contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English

Job location

Brighton and Hove, United Kingdom

Tech stack

Microsoft Windows
Configuration Management
Microsoft Management Console
Microsoft Software
System Center Configuration Manager
Powershell
Microsoft InTune
Azure Security Center
Windows Security

Job description

Windows Security Consultant- 6 months- Inside IR35- Hybrid in Hove

Role Overview

A 6-month hybrid contract role based in Hove (3 days on-site) within a Financial Services unit, focused on enterprise endpoint security. The position requires a security engineer with strong expertise in Microsoft Application Control (WDAC/AppLocker) alongside the Ivanti suite of endpoint management tools. The role spans policy design, implementation, and ongoing management to secure enterprise endpoints while balancing usability and productivity.

Key Responsibilities

  • Design, deploy, and manage Windows Defender Application Control (WDAC) policies and AppLocker whitelisting strategies, including code integrity policies to restrict execution to trusted applications.
  • Monitor, audit, and troubleshoot application control policies, integrating them with Microsoft Intune and Group Policy for centralised management.
  • Configure and manage Ivanti Environment Manager for user personalisation, profile optimisation, and improved logon performance.
  • Implement Ivanti Device & Application Control (IDAC) for application whitelisting/blacklisting and device control (eg USB and peripheral restrictions), ensuring endpoint compliance.
  • Manage centralised policy deployment via the Ivanti Management Console, including agent deployment, upgrades, and package distribution.

Top 5 Skills

  • WDAC & AppLocker expertise- Hands-on experience designing and enforcing Windows Defender Application Control and AppLocker policies, including audit vs. enforced modes and code signing principles.
  • Ivanti suite proficiency Practical experience across Ivanti Environment Manager, Device & Application Control, and the Ivanti Management Console for endpoint policy and configuration management.
  • Windows security architecture- Strong understanding of application whitelisting, policy enforcement, and broader Windows endpoint security principles.
  • Policy deployment & troubleshooting- Experience deploying policies via Intune or Group Policy, with the ability to troubleshoot application blocking and connectivity issues.
  • Endpoint security tooling- Familiarity with Microsoft Defender for Endpoint, PowerShell Scripting for policy management, and tools such as SCCM; relevant certifications (Microsoft MD-102/SC-200 or Ivanti) are a plus.

Requirements

  • WDAC & AppLocker expertise- Hands-on experience designing and enforcing Windows Defender Application Control and AppLocker policies, including audit vs. enforced modes and code signing principles.
  • Ivanti suite proficiency Practical experience across Ivanti Environment Manager, Device & Application Control, and the Ivanti Management Console for endpoint policy and configuration management.
  • Windows security architecture- Strong understanding of application whitelisting, policy enforcement, and broader Windows endpoint security principles.
  • Policy deployment & troubleshooting- Experience deploying policies via Intune or Group Policy, with the ability to troubleshoot application blocking and connectivity issues.
  • Endpoint security tooling- Familiarity with Microsoft Defender for Endpoint, PowerShell Scripting for policy management, and tools such as SCCM; relevant certifications (Microsoft MD-102/SC-200 or Ivanti) are a plus.

Apply for this position